#LoqiIndieAuth is a way to use your own domain name to sign in to websites — it's like OpenID, but works with services you likely already use, and is much easier to setup https://indieweb.org/IndieAuth
#ZegnatThat description (“works with services you likely already use”) seems to suggest IndieAuth must include RelMeAuth in some way?
#schmartyZegnat: good catch - IndieAuth-the-protocol doesn't require RelMeAuth
#schmartybut I would argue that IndieAuth.com relies primarily on RelMeAuth
#aaronpkindieauth.com is mostly an abstraction around relmeauth
j12t joined the channel
#schmartymaybe ben would donate thatmustbe.me to rename indieauth.com
#Zegnatschmarty, it depends if we want IndieAuth-the-building-block to include RelMeAuth or not. We write its definition so it is up to us.
#ZegnatI think deciding the scope of what is IndieAuth would help greatly for rewriting the wiki page to be more focused.
#aaronpki've been imagining the OAuth 2 extension spec being named IndieAuth, but am realizing that most people think of IndieAuth as the part that lets you authenticate with twitter/github/etc
#schmartyZegnat: my understanding of IndieAuth-the-protocol is that it only requires authorization endpoint for identification, token endpoint for authorization. indieauth.com is an implementation of that which wraps RelMeAuth.
#sknebelwhat is IndieAuth-the-building-block and how does it relate to Indieauth-(.com)-the-service and Indieauth-the-protocol? :P
#LoqiIt looks like we don't have a page for "IndieAuth-the-building-block and how does it relate to Indieauth-(.com)-the-service and Indieauth-the-protocol" yet. Would you like to create it?
#ZegnatIndieAuth is the protocol that allows discovery for an authentication endpoint (and optionally a token endpoint) on any URL, allowing you to sign-in with a URL of your choosing.
#ZegnatThough do the IndieAuth authentication and token endpoint follow the oauth2 endpoints exactly? I seem to recall not, which means the two endpoints would also be specced by the IndieAuth protocol?
[miklb] joined the channel
#aaronpkOAuth core doesn't specify discovery, but there is an extension spec for that
#ZegnatYeah, the discovery is definitely what makes IndieAuth protocol different. But what about the endpoints themselves? I know we mirrored e.g. scope and state on OAuth for selfauth. Is an IndieAuth authentication-endpoint === an OAuth authentication-endpoint?